Re: [Polipo-users] two patches: avoid NULL-dereference

Wed, 19 Jan 2011 12:46:42 -0800 

Jim Meyering wrote:

> Juliusz Chroboczek wrote:
>
>>>> That's incorrect.
>>
>>> "Incorrect" ?
>> [...]
>>> I guess you mean "undesirable" or "contrary to policy".
>>
>> I s'pose I do.
>>
>>> Here's an alternative patch (untested):
>>
>>> +        if(request == NULL)
>>> +            return;
>>
>> No, that's still "undesirable", since specialRequestHandler will never
>> be invoked, and hence will never get a chance to either notify the
>> client or release the object (notice the retainObject above).
>
> Then maybe move the if/return up two lines, as below.

Or better still, if that's the semantics you want, simply
insert the return statement above:

>From 714cca9487fc1c6b3422a9643d2794998537ca5e Mon Sep 17 00:00:00 2001
From: Jim Meyering <[email protected]>
Date: Wed, 19 Jan 2011 20:38:02 +0100
Subject: [PATCH] avoid another NULL-dereference upon malloc failure

* local.c (fillSpecialObject): Return early when malloc fails.
---
 local.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/local.c b/local.c
index 82106c4..894f38e 100644
--- a/local.c
+++ b/local.c
@@ -561,14 +561,15 @@ fillSpecialObject(ObjectPtr object, void (*fn)(FILE*, 
char*), void* closure)
         request = malloc(sizeof(SpecialRequestRec));
         if(request == NULL) {
             kill(pid, SIGTERM);
             close(filedes[0]);
             abortObject(object, 503,
                         internAtom("Couldn't allocate request\n"));
             notifyObject(object);
+            return;
             /* specialRequestHandler will take care of the rest. */
         } else {
             request->buf = get_chunk();
             if(request->buf == NULL) {
                 kill(pid, SIGTERM);
                 close(filedes[0]);
                 free(request);
--
1.7.3.5

------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand 
malware threats, the impact they can have on your business, and how you 
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Polipo-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/polipo-users

Reply via email to